multiple domains not working in cyrus

Hügel, Christian christian.huegel at stonebyte.de
Tue Mar 11 15:17:34 CET 2014


Am 10-03-2014 11:55, schrieb Jan Hofmann:
> Hi all,
> 
> I added a second domain in the kolab-webadmin and afterwards I
> modified all configs like described in
> http://docs.kolab.org/howtos/multi-domain.html
> Postfix is working fine, all mails for the second domain are delivered
> in the right mailboxes.
> 
> But I can’t login with a user from the second domain. Cyrus gives me
> the following errormessage (external mailclient and Roundcube):
> 
> Mar 10 11:44:17 mail ptloader[18251]: starting: ptloader.c,v git2.5+0
> Mar 10 11:44:17 mail imap[18231]: ptload(): bad response from ptloader
> server: identifier not found
> Mar 10 11:44:17 mail imap[18231]: ptload completely failed: unable to
> canonify identifier: max.mustermann at example.de
> Mar 10 11:44:17 mail imap[18231]: SASL bad userid authenticated
> Mar 10 11:44:17 mail imap[18231]: badlogin: localhost [127.0.0.1]
> PLAIN [SASL(-13): authentication failure: bad userid authenticated]
> 
> in /etc/imapd.conf I added all the ldap_domain_* parts as described in
> the “Cyrus 2.5 section” from the above tutorial, here is my
> imapd.conf:
> 
> ### imapd.conf - begin ###
> 
> configdirectory: /var/lib/imap
> partition-default: /var/spool/imap
> admins: cyrus-admin
> sievedir: /var/lib/imap/sieve
> sendmail: /usr/sbin/sendmail
> sasl_pwcheck_method: auxprop saslauthd
> sasl_mech_list: PLAIN LOGIN
> allowplaintext: no
> tls_cert_file: /etc/pki/tls/certs/example.de.crt
> tls_key_file: /etc/pki/tls/private/example.de.key
> tls_ca_file: /etc/pki/tls/certs/sub.class1.server.ca.pem
> # uncomment this if you're operating in a DSCP environment (RFC-4594)
> # qosmarking: af13
> auth_mech: pts
> pts_module: ldap
> ldap_servers: ldap://localhost:389
> ldap_sasl: 0
> ldap_base: dc=example,dc=de
> ldap_bind_dn: uid=kolab-service,ou=Special Users,dc=example,dc=de
> ldap_password: vlTMR1QJZ9SCe99
> ldap_filter:
> (|(&(|(uid=cyrus-admin)(uid=cyrus-murder))(uid=%U))(&(|(uid=%U)(mail=%U@%d)(mail=%U@%r))(objectclass=kolabinetorgperson)))
> ldap_user_attribute: mail
> ldap_group_base: dc=example,dc=de
> ldap_group_filter:
> (&(cn=%u)(objectclass=ldapsubentry)(objectclass=nsroledefinition))
> ldap_group_scope: one
> ldap_member_base: ou=People,dc=example,dc=de
> ldap_member_method: attribute
> ldap_member_attribute: nsrole
> ldap_restart: 1
> ldap_timeout: 10
> ldap_time_limit: 10
> unixhierarchysep: 1
> virtdomains: userid
> annotation_definitions: /etc/imapd.annotations.conf
> sieve_extensions: fileinto reject envelope body vacation imapflags
> notify include regex subaddress relational copy
> allowallsubscribe: 0
> allowusermoves: 1
> altnamespace: 1
> hashimapspool: 1
> anysievefolder: 1
> fulldirhash: 0
> sieveusehomedir: 0
> sieve_allowreferrals: 0
> lmtp_downcase_rcpt: 1
> lmtp_fuzzy_mailbox_match: 1
> username_tolower: 1
> deletedprefix: DELETED
> delete_mode: delayed
> expunge_mode: delayed
> flushseenstate: 1
> postuser: shared
> 
> #changes for multidomain
> ldap_domain_base_dn: cn=kolab,cn=config
> ldap_domain_filter: 
> (&(objectclass=domainrelatedobject)(associateddomain=%s))
> ldap_domain_name_attribute: associatedDomain
> ldap_domain_scope: sub
> ldap_domain_result_attribute: inetdomainbasedn
> 
> ### imapd.conf - end ###
> 
> Any Ideas?
> 
> Best regards,
> Jan
> 

There´s a open bug [1] for this issue.

Regards,

Christian

[1] https://issues.kolab.org/show_bug.cgi?id=2495


More information about the users mailing list